It'd be nice if apps had a base set of privs then expanded sets that could be allowed on install or later by request to the system/user.
That's already possible in current Android. Offer one app in Google Play Store that needs a small set of permissions, then offer other apps in Google Play Store that act as content providers for the main app. For example, there might be a "Swype" keyboard app that needs only the input method permission, a "Swype auf Deutsch" app that adds a German dictionary, a "Swype Local" app that adds nearby businesses to the dictionary (which requires the location permission), and a "Swype Knows Your Name" app that adds your contacts to the dictionary (which requires the read contacts permission). If they're all digitally signed by the same publisher (such as Nuance), they can share data structures intimately as if they were one app.
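As an added example (not part of the thread, and not Nuance's or Swype's actual configuration), this is how the same-signer sharing described in the reply above is expressed in Android manifests: the main app declares a permission with `android:protectionLevel="signature"` and guards its exported content provider with it, and a companion app signed with the same certificate requests that permission. Package names, the provider class and the authority string are placeholders.

```xml
<!-- Main keyboard app (signed with the publisher's key). -->
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.keyboard">

    <!-- A signature-level permission: the system grants it only to apps
         signed with the same certificate as the app that declares it. -->
    <permission
        android:name="com.example.keyboard.permission.DICTIONARY"
        android:protectionLevel="signature" />

    <application>
        <!-- The dictionary is exported so companion apps can reach it,
             but every caller must hold the signature permission above.
             Leaving android:permission off an exported provider would let
             any installed app read or write the dictionary. -->
        <provider
            android:name=".DictionaryProvider"
            android:authorities="com.example.keyboard.dictionary"
            android:exported="true"
            android:permission="com.example.keyboard.permission.DICTIONARY" />
    </application>
</manifest>

<!-- Companion "local businesses" add-on (signed with the SAME key).
     It carries the location permission so the main app does not have to. -->
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.keyboard.local">

    <!-- Granted at install time only because the signing certificates match;
         an add-on from a different publisher would be denied access. -->
    <uses-permission android:name="com.example.keyboard.permission.DICTIONARY" />
    <uses-permission android:name="android.permission.ACCESS_COARSE_LOCATION" />

    <application>
        <!-- Components that query nearby businesses and insert them into
             content://com.example.keyboard.dictionary go here. -->
    </application>
</manifest>
```

The point for a reviewer is the `android:permission` attribute on the exported provider: the split into several apps only keeps the main app's permission set small if the shared data is locked to the publisher's certificate rather than left open to every app on the device.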
Also, it'd be nice if the privileges were a lot more restricted, like "Use Ad Service to show you ads" instead of "Use Internet".
The example you give is not possible unless you want all ad-supported apps in Google Play Store to move to a single monopoly ad provider. If you whitelist communication with one hostname, that host could act as a proxy to access any other host.